Mercurial > prosody-modules

view mod_s2s_auth_samecert/mod_s2s_auth_samecert.lua @ 5853:97c9b76867ca

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
mod_log_ringbuffer: Detach event handlers on logging reload (thanks Menel) Otherwise the global event handlers accumulate, one added each time logging is reoladed, and each invocation of the signal or event triggers one dump of each created ringbuffer.
author Kim Alvefur <zash@zash.se>
date Sun, 03 Mar 2024 11:23:40 +0100
parents c9397cd5cfe6
children
line wrap: on
line source

module:set_global()

local hosts = prosody.hosts;

module:hook("s2s-check-certificate", function(event)
	local session, cert = event.session, event.cert;
	if not cert or session.direction ~= "incoming" then return end

	local outgoing = hosts[session.to_host].s2sout[session.from_host];
	if outgoing and outgoing.type == "s2sout" and outgoing.secure and outgoing.conn:socket():getpeercertificate():pem() == cert:pem() then
		session.log("debug", "Certificate matches that of s2sout%s", tostring(outgoing):match("[a-f0-9]+$"));
		session.cert_identity_status = outgoing.cert_identity_status;
		session.cert_chain_status = outgoing.cert_chain_status;
		return true;
	end
end, 1000);